sign.py revision 2286
2026N/A# The contents of this file are subject to the terms of the 2026N/A# Common Development and Distribution License (the "License"). 2026N/A# You may not use this file except in compliance with the License. 2026N/A# See the License for the specific language governing permissions 2026N/A# and limitations under the License. 2026N/A# When distributing Covered Code, include this CDDL HEADER in each 2026N/A# If applicable, add the following below this CDDL HEADER, with the 2026N/A# fields enclosed by brackets "[]" replaced with your own identifying 2026N/A# information: Portions Copyright [yyyy] [name of copyright owner] 2245N/A# Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. 2026N/A """Emit an error message prefixed by the command name """ 2026N/A # If the message starts with whitespace, assume that it should come 2026N/A # *before* the command-name prefix. 2026N/A # This has to be a constant value as we can't reliably get our actual 2026N/A # program name on all platforms. 2026N/A """Emit a usage message and optionally prefix it with a more specific 2026N/A error message. Causes program to exit.""" 2026N/A pkgsign -s path_or_uri [-acik] [--no-index] [--no-catalog] 2026N/A [--sign-all | fmri-to-sign ...] 2026N/A """Fetch the catalog from src_uri.""" 2026N/A # Create a temporary directory for catalog. 2026N/A [
"help",
"no-index",
"no-catalog",
"sign-all"])
2026N/A usage(_(
"If a key is given to sign with, its associated " 2026N/A "certificate must be given."))
2268N/A usage(_(
"If a certificate is given, its associated key must be " 2026N/A usage(_(
"Intermediate certificates are only valid if a key " 2026N/A "and certificate are also provided."))
2026N/A usage(_(
"At least one fmri must be provided for signing."))
2026N/A usage(_(
"No fmris may be provided if the sign-all option is " 2026N/A usage(_(
"%s is not a recognized signature algorithm.") %
2026N/A usage(_(
"Using %s as the signature algorithm requires that a " 2026N/A "key and certificate pair be presented using the -k and -c " 2026N/A usage(_(
"The %s hash algorithm does not use a key or " 2026N/A "certificate. Do not use the -k or -c options with this " 2028N/A # Get the existing manifest for the package to 2026N/A # Construct the base signature action. 2026N/A # Add the action to the manifest to be signed 2026N/A # since the action signs itself. 2026N/A # Set the signature value and certificate 2026N/A # information for the signature action. 2026N/A # The hash of 'a' is currently a path, we need 2026N/A # to find the hash of that file to allow 2026N/A # comparison to existing signatures. 2026N/A # Check whether the signature about to be added 2026N/A # is identical, or almost identical, to existing 2028N/A # signatures on the package. Because 'a' has 2026N/A # already been added to the manifest, it is 2026N/A # generated by gen_actions_by_type, so the cnt 2026N/A # must be 2 or higher to be an issue. 2032N/A # Append the finished signature action to the # Establish a specific exit status which means: "python barfed an exception" # so that we can more easily detect these in testing of the CLI commands. # We don't want to display any messages here to prevent # possible further broken pipe (EPIPE) errors. This is an internal error in pkg(5) version %(version)s. Please let the developers know about this problem by including the information above (and this message) when filing a bug at: